NVD disclosure day

Published threat advisories for October 28, 2019

CVE-2019-18187

Trend Micro OfficeScan File Extraction Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Trend Micro OfficeScan is affected by a directory traversal flaw, enabling authenticated attackers to extract files and potentially execute remote code. This poses a risk to business operations and data security.

NVD published: October 28, 2019 • CISA KEV

CVE advisoryKnown Exploit

CVE-2019-11043

PHP-FPM Remote Code Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in PHP-FPM, under specific Nginx configurations, allows remote code execution. This could impact organizations by enabling attackers to compromise systems and data. The realistic business risk involves potential unauthorized access and control over affected web infrastructure.

NVD published: October 28, 2019 • CISA KEV